The Philippines is at a critical juncture in its digital transformation. As the government pushes forward with national modernization efforts, cyber threats continue to evolve along with it. While the digitalization of ASEAN nations has driven economic growth, it has also significantly increased the risk of cybercrime, data breaches, and fraud, all of which are challenges that governments can no longer afford to overlook or leave pondering for a later date.
Cyberattacks on major institutions like PhilHealth, GCash, and even the Philippine election database underscore the urgent need for stronger cybersecurity measures in this ever-evolving digital landscape. With cybercrime losses rising, the question remains: Should the Philippines replace its entire digital infrastructure, or is there a smarter, more cost-effective way to strengthen its defenses?
The case for upgrading, not replacing
According to an interview with Milko Radotic, Asia-Pacific Vice President of iProov and a seasoned expert in biometric security, upgrading existing infrastructure is a more practical and cost-effective approach than a complete system overhaul.
“As much as possible, you want to try to use technology that does not require wholesale replacement for what you already have in place, but a relatively simple add-on or even just a configuration change that allows a citizen to be able to use the technology.”
Radotic emphasizes that modernization does not mean starting from scratch but rather enhancing current systems to improve efficiency and accessibility.
Countries that have successfully modernized their cybersecurity systems have done so by strengthening their existing infrastructure rather than discarding it. Radotic cites iProov’s work with Singapore’s national digital identity system (SingPass) and Australia’s integration of biometrics in government and taxation offices as prime examples of how targeted improvements can enhance security while maintaining efficiency.
He argues that the Philippines can adopt the same approach, with adjustments tailored to its unique limitations. While the scale and resources may differ from those of more developed nations, the fundamental principle remains the same: modernization should build on what already exists.
For the Philippines, it is not only more cost-effective but also more inclusive. Developing nations often face resource constraints, making a complete system overhaul impractical. Instead, modernization efforts should focus on leveraging current infrastructure while ensuring accessibility for all citizens.
Many Filipinos, particularly in rural areas, rely on older devices and unstable internet connections. A cybersecurity solution must therefore be designed with these limitations in mind.
Radotic stresses the importance of inclusivity:
“There is no point in having a service that works well for an iPhone 15, 16, or Samsung S25. It needs to work for the cheapest of the cheap.”
However, upgrading existing systems is not without its challenges. Legacy systems in the Philippines are often fragmented and outdated, making integration complex. Without careful implementation, layering new security measures onto an inefficient system may create vulnerabilities rather than resolve them.
He adds, “That is a really fundamental requirement when you rolling out the program like this.”
This raises valid concerns about whether upgrading alone is enough to address the growing sophistication of cyber threats.
Biometric authentication presents a compelling solution to these challenges. By using biometrics, the Philippines can strengthen security without a complete overhaul and requirement of high-end devices, making it a more inclusive and practical approach.
The role of biometric authentication in Philippine cybersecurity
One of the most promising developments in the Philippine cybersecurity landscape is the increasing use of biometric authentication.
Government initiatives such as the Philippine Identification System (PhilSys) and the Department of Information and Communications Technology’s (DICT) push for a digital identity program mark significant steps toward securing citizen data.
“There is a lot of effort that’s already taken place… initially kickstarted with PhilSys and the enrollment of biometrics for all Filipino citizens… more recently with DICT taking over some of the digital focus on driving a digital identity program for Filipinos,” says Radotic.
The idea is that by integrating biometric authentication into existing digital infrastructure, the government can enhance security without completely overhauling its systems. This ensures that critical services such as healthcare, banking, and online transactions remain accessible while significantly reducing vulnerabilities to fraud and cybercrime, provided that implementation is carried out with professionalism, transparency, and inclusivity in mind.
A smarter approach to cybersecurity—but not a perfect one
Cyber threats will continue to evolve, and while upgrading existing infrastructure is a cost-effective and strategic approach, it is not a silver bullet. The Philippines must weigh the feasibility of upgrading and integrating new technologies into legacy systems against the potential risks and limitations. Modernization efforts must be paired with stronger policies, better enforcement, public transparency, and continuous investment in cybersecurity education and infrastructure.
Ultimately, the discussion should not center solely on upgrading versus replacing but on creating a sustainable, adaptable cybersecurity framework that evolves with emerging threats. The government must take a proactive stance in refining its digital security strategies, ensuring that any upgrades are not just temporary half-baked fixes and implementations but rather a part of a long-term vision for a safer digital future.
